06 December 2006

we received this excellent bank of america.com phish today. it even got around gmail's junk email filter and thats unusual so it could be a new style...

click picture to enlarge

====

an easy way to tell is to run your mouse over the hyperlink while looking down toward the status bar...for instance in this phish the link looks legitimate but a second look in the status bar shows that they dont match see it begins: starlightdancestudio.com ...to make sure, next you (in firefox 2.0) right click the link and >copy shortcut > then you paste that in your trace route...

3d's traceroute truncates the url down to the domain name.see starlightdancestudio.comis hosted by someone called ecommerce.com...its not a bank of america domain. then you forward the email complete to the abuse department and cc: reportphishing@antiphishing.org and spam@uce.gov

if you want to although theres no need to email them -- you can also use 3d's traceroute to find out who is the domain name registrar.